My web server is in the U.S. and it is accessed from my home in Canada using Remote Desktop Connection, standard port.
Unauthorized persons have tried to log in from many different countries, some trying 10000+ times per day until they eventually give up.
If the RDP port is changed to a non-standard port, is it very likely that these people will simply iterate ports until they locate the re-assigned RDP port and then continue to try to brute force the password?
My fear of the unknown is that to change the port it would be done by me via Remote Desktop Connection; is it safe?
What is the risk of locking myself out?
Also, instead of telling RDC to go to "my server ip address", would future access have to be expressed as "my server ip address:new RDP port"?
If the RDP port is changed to a non-standard port, is it very likely that these people will simply iterate ports until they locate the re-assigned RDP port and then continue to try to brute force the password?
- Yes, that's likely to happen.

My fear of the unknown is that to change the port it would be done by me via Remote Desktop Connection; is it safe?
- It's safe for the current session. Changing the default listening port requires a server reboot, so you'll be OK until you reboot the server after making this change.

What is the risk of locking myself out?
- Pretty low for the existing session. The risk is that after making the change and rebooting the server you could be prevented from accessing the server if there's a network firewall in front of the server that only allows connections to the default port to the server.

Also, instead of telling RDC to go to "my server ip address", would future access have to be expressed as "my server ip address:new RDP port"?
- Yes.

There is little risk in losing access to the server by changing the RDP port, but there is still some.
Before changing the RDP port, check any firewalls the server is behind and make sure the new port is not blocked.
Also, make sure you can get console access if needed (remote hands, a friend that has access to the server, a remote IP KVM, whatever). This is probably good for any server anyways.
To answer your last question, yes, you will have to specify the port number in the RDP connection each time.
One last word of advice: even though you're changing the port number RDP listens on, it is still possible for an evil-doer to make connections. Ensure all accounts have strong passwords and disable the Administrator account if possible.
Don't try to change the RDP port on the server.
Don't expect changing the port number to automatically make RDP safe.
Do have a firewall in front of your server that can control RDP traffic to and from your server.
Do set your firewall to forward traffic on a non-standard port to the RDP standard port 3389. I explain why below. To my knowledge, the built-in Windows Firewall will not do this, but other firewalls will.
Do set your firewall to allow traffic on your RDP port from your home system, and disallow RDP from everything else. Depending on the firewall and other options, this could mean getting a static IP for your home system or setting up a dynamic DNS service, or it could mean writing firewall rules based on known MAC addresses you use.
To avoid just kicking this issue up to your firewall interface, you want to set this up so your firewall can only be configured over RDP. Even so, this should reduce the risk of locking yourself out. You accomplish this by configuring a non-standard port-forward rule on your firewall in addition to the standard RDP port, so you can test the new rule in a safe way. Write your firewall rule for the port you want, test that it blocks access from a random location (like a library) but still allows access from home. Then block access on the normal port after you've successfully tested the rule (or vice versa: use the non-standard port as a safeguard until you've tested the rule on the standard port).
And of course, what you should really be doing here is setting up a VPN connection to your server... but even with a VPN connection, you'll want a firewall controlling access.
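The "allow RDP from home only, test before you block" approach above, applied to the server's built-in Windows Firewall as a second layer behind the perimeter firewall. This is an added example, not code from the answer's author; the home address 203.0.113.10 is a constructed placeholder for the fixed IP of your home connection, and the cmdlets are the standard NetSecurity module ones available on Windows Server 2012 and later.

```powershell
# Added example: restrict inbound RDP on the server itself to one source address,
# keeping the default listening port (3389) so the perimeter port-forward still works.
# Run from an elevated PowerShell session on the server.

$HomeIp   = '203.0.113.10'   # constructed placeholder: your home's static/public IP
$RdpPort  = (Get-ItemProperty -Path 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp' -Name PortNumber).PortNumber

Write-Host "RDP is currently listening on TCP port $RdpPort"

# Step 1: create the narrow allow rule FIRST, while the broad built-in rule still works.
# This is the host-firewall equivalent of adding the new forward rule before removing the old one.
New-NetFirewallRule -DisplayName 'RDP - home only' `
    -Direction Inbound -Protocol TCP -LocalPort $RdpPort `
    -RemoteAddress $HomeIp -Action Allow -Profile Any | Out-Null

# Step 2: confirm the new rule exists and is enabled before touching anything else.
$rule = Get-NetFirewallRule -DisplayName 'RDP - home only'
if (-not $rule -or $rule.Enabled -ne 'True') {
    throw 'New allow rule was not created; leaving the built-in Remote Desktop rules untouched.'
}

# Step 3: only now disable the built-in "Remote Desktop" rule group, which allows RDP from any address.
# Your current session stays up; only new connections from other addresses are refused.
Get-NetFirewallRule -DisplayGroup 'Remote Desktop' | Disable-NetFirewallRule

# Step 4: list what is still allowed on the RDP port so you can eyeball it before logging off.
Get-NetFirewallRule -Enabled True -Direction Inbound |
    Where-Object { ($_ | Get-NetFirewallPortFilter).LocalPort -contains "$RdpPort" } |
    ForEach-Object {
        $addr = ($_ | Get-NetFirewallAddressFilter).RemoteAddress
        "{0,-25} remote={1}" -f $_.DisplayName, ($addr -join ',')
    }

# Roll back if the test from home fails: re-enable the group and remove the narrow rule.
# Get-NetFirewallRule -DisplayGroup 'Remote Desktop' | Enable-NetFirewallRule
# Remove-NetFirewallRule -DisplayName 'RDP - home only'
```

Test a fresh connection from home before you close the session you ran this in; if it fails, run the two commented rollback lines from that same session.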
IMHO it is not safe to expose RDP directly to the internet. I recommend considering the use of a VPN, as already mentioned. If there is some reason for not using a VPN, change the port on the NAT rule of your firewall and set up rules that block people scanning ports.